Verge (XVG), one of the leading privacy-oriented cryptocurrencies, has now lost about 95% of its value when compared to its all-time high which was set during the historic crypto market bull run.
While many other cryptocurrencies have also depreciated considerably in value from their record-level highs – including popular blockchain projects such as Qtum (QTUM) which has lost 99% of its value, Verge seems to have suffered some of the most difficult challenges out of almost all major cryptoassets.
In April 2018, the Verge platform was hit with a 51% attack in which a hacker(s) managed to steal $1 million. Although the cryptocurrency’s developers were able to fix the vulnerability that led to the attack, the legitimacy of the Verge platform was called into question as its security had been compromised. At the time of the attack, OCMiner, the Supernova mining pool admin, had revealed:
Due to several bugs in the XVG code, you can exploit this feature by mining blocks with a spoofed timestamp. When you submit a mined block (as a malicious miner or pool) you simply set a false timestamp to this block one hour ago and XVG will then “think” the last block mined on that algo was one hour ago.
Despite being launched without an initial coin offering (ICO) and also without a premine (where the founders keep a certain percentage of coins as compensation for their efforts), the open-source Verge platform has struggled to attract as large of userbase as zcash (ZEC) and monero (XMR), which are also privacy-focused cryptos that now control a much larger share of the crypto market.
When launched, Verge had all the features that would be “needed to be a top-notch privacy coin”, Reddit user turtlecane has argued. Going on to highlight the sophisticated privacy features Verge uses, the Redditor wrote: “Verge … integrates Tor (encrypted anonymous communication protocol) in all of its wallets to obfuscate IP addresses, provides I2P tunneling to ensure anonymity, uses dual-key stealth addressing to make transactions more anonymous, and has a built-in encrypted message system.”
Due to the 51% attacks and “time warp” incidents (described above), the immutability and overall reputation of Verge as a platform has now been compromised, the Reddit user noted.
Verge Hit With Multiple 51% Attacks
In April 2018, Verge’s development and management team revealed they had partnered with Pornhub, which is owned by MindGeek, a leading provider of adult entertainment content. The partnership involved Pornhub’s paid membership users paying for access to content using Verge’s privacy-oriented XVG cryptocurrency. This could have potentially been a great starting point for Verge as it could have helped the company secure more partnerships and become a more prominent cryptocurrency platform. However, Pornhub’s management seems to have cut ties with Verge and partnered with the Tron (TRX) team in August 2018 – in order to introduce cryptocurrencies to its large userbase.
Moreover, Verge was hit with what appeared to be the third 51% attack during May 2018. At the time, Verge’s management had tried to dismiss the incident as FUD, however certain well-known members in the Bitcointalk.org forum had noted that the attacks may have occurred due to Verge’s platform using multiple mining algorithms – thus opening various attack vectors for malicious entities.
As summarized by reddit user turtlecane, Verge’s developers “implemented a fix that did not work, and around May 22, 2018 attackers were able to alternate between Scrypt and Lyra2rev2 (the two main mining algorithms used by the Verge platform) and send blocks with manipulated timestamps in order to lower difficulty to the lowest possible level, at which point the attackers were manufacturing 25 blocks per minute. 35 million Verge (XVG) worth $1.8 million (at that time) was generated in a few hours.”
Switching To Proof-of-Stake Due To Issues Related To “Non-Existing Timestamps”
Although a patch was issued by Verge’s developers after the large amount of cryptocurrency was stolen, it was not “sufficient”, as turtlecane has confirmed. Then only about a week later, time warp attacks and what appeared to be a third 51% attack (described above) soon followed.
As explained by turtlecane, “an attacker mining blocks rapidly during a time warp attack could easily perform a double spend by sending a transaction and then submitting a new longer chain where the transaction did not exist.”
After all these issues, the Verge platform developers are now facing another technical challenge. The cryptocurrency’s miners are having “a difficult time setting up a working mining environment due to non-existing timestamps in Coinbase transactions”, turtlecane wrote. Due primarily to this issue, Verge’s development team is now considering switching from proof-of-work (PoW)-based consensus to proof-of-stake (PoS).
Verge May Become Centralized, Defeating Its Purpose?
While switching to the PoS consensus algorithm might prevent additional (potential) 51% attacks and time warp incidents, turtlecane has argued that PoS-based governance would make Verge increasingly centralized. Moreover, the redditor believes Verge’s “developers would [be able to] alter the block halving schedule to ensure that miners make enough revenue until the PoS transition is complete.”
Should this occur, then it may “lead to higher inflation and also shakes the confidence of Verge (XVG) investors since clearly the developers can change the coin supply at will”, turtlecane pointed out.
Commenting on the different events that have transpired since Verge’s launch, turtlecane remarked:
The Verge (XVG) saga is a good example of how time warp attacks and 51 percent attacks can destroy the reputation and destiny of a cryptocurrency, no matter how solid the premise and partnerships of a cryptocurrency are. A cryptocurrency must be immutable and secure in order to gain adoption and value.